On Sat, Dec 12, 1998 at 03:36:59PM +0000, Adrian Bridgett wrote: > So - what do the nominees think about Redhat? They're another dist. (Obviously.) Being that they're another free software dist, they aren't our enemies. I'm concerned however that many people have said Redhat is not in favor of GPL libraries because people cannot freely make proprietary code with them. Are they selling out? A lot of people think so, I have not passed judgement. As long as their primary interests help the community and indirectly us as a result, I'm all for supporting Redhat as an alternative to Debian. I don't use it however. Two releases in a row they have released programs suid root which should NOT be suid root. This shows their development strategy is build it first and fast, then secure it. This is bad and I can't safely rely on that sort of development to be secure. I hope they opt to develop with security in mind first in the future. I am also not afraid to tell people why I don't use it as I have just done. In an open security model, the best way to get a problem fixed is to make the problem well known. I wouldn't mind a machine running Redhat sitting along my primary Debian based machine provided the thing was behind a firewall, just in case. Consequently, this is the same requirement I'd have for a windoze box to be connected to the network, that it be firewalled from the outside world. Obviously, I wish they would adopt a more open development model which has the system as secure as it can be throughout their development. THey seem to be moving toward this goal and I will support them in doing so. > How can we work better with them? Besides the above and the LSB project, I think we can and should work and coordinate with with the people at Redhat in areas such as Linux and Free Software advocacy. (Note I am hesitant to use the Open Source service mark until the SPI/OSI issues are resolved and that done any changes made to the Open Source definition--I don't like to use the term because I'm not sure it'll mean when this is done what it means today) Other issues Another thing I think Redhat and Debian could do together that the LSB has (fortunately) opted not to address at this time are our package managers. The idea that they are so close and yet so far is unmistakable once you check out Joey Hess's comparison of package formats. My goal in this case is not necessarily to create a package manager used by both distributions--frankly Redhat is not willing to move from rpm and it seems most of Debian doesn't want to give up dpkg either. But if both are extended in ways that make their more feature-rich, they could become compatible. I don't suggest we adopt use of file dependancies in place of package dependancies personally. That's the one thing they have and we don't that I personally don't think we should have. Dependancy on files is a gross mis-feature designed to be compatible with installing both tarballs and packages it seems. The idea is somewhat harmful to Debian's policy and without the policy what would Debian be? I believe the contents file might serve to emulate this transparently, unless of course somebody has a better idea. I also believe we could and should work with Redhat with big projects such as a sane installation and configuration for X. Redhat has a config program already that's great when it works. When it doesn't, well, like many high level config tools in their dist, when it doesn't work you have to do everything the hard way. At least there is XF86Setup which can be easy if you have a mouse on /dev/mouse which happens to be Microsoft mode, etc. And if your monitor and video card are listed that helps too. Almost certainly you'll be tweaking monitor settings and modelines by hand though. I've already stated my position on high level tools. I can describe in more detail my thoughts on a project like a new configuration for X but that's really a technical issue suited for someone who's going to code such an animal. Provided nobody else has by the time I learn enough C to start writing it, I probably will. > How to grow market numbers like Redhat has? I don't know if that's possible without a marketting budget. However I'm sure we can give them a run for their money. We already have a product many ways better than theirs and we're not just going to sit here and let them catch up to us are we? In the end they're still on our side and we should work with them instead of against them, however I have no objection to deliberately leaving them in our dust if they don't want to keep up with us. > Adrian (who has concerns about Redhat but likes them all the same) Concern is important considering, but group paranoia will get us nowhere fast. Individual paranoia may be appropriate at some point, but what that point is I shall leave as an exercise for the reader. => -- "You're despicable." -- Daffy Duck
Attachment:
pgpzoO6Ox4dy7.pgp
Description: PGP signature